AC-20(5)—Portable Storage Devices — Prohibited Use
>Control Description
Prohibit the use of organization-controlled portable storage devices by authorized individuals on external systems.
>Supplemental Guidance
Limits on the use of organization-controlled portable storage devices in external systems include a complete prohibition of the use of such devices. Prohibiting such use is enforced using technical methods and/or nontechnical (i.e., process-based) methods.